Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

QoS PreClassify Command

Hi Guys,

I hope someone can help me here. Just revising some ONT stuff before exam and realised that i do not understand when the 'qos pre-classify' command is used when implementing QoS over VPNs.

Can someone clearly expalin when exactly you use the QoS Pre-Classisfy command and when not to use it.

Forever Greatful


PS - i'm gonna post this over in 'Certifications' also for a bit more exposure.

========================== A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful

Re: QoS PreClassify Command

qos pre-classify is used to identify ip header information before it passes through a tunnel (encrypted or unencrypted) for qos purposes. depending on tunnel-type, a certain amount of header information is copied, and then applied to the tunnel header, so QoS information is available as it passes through the tunnel network. Without pre-classification, the QoS bits are lost in encryption and/or packet encapsulation.

Super Bronze

Re: QoS PreClassify Command

If the before encapsulation packets have TOS settings that you want to "analyze" after the packets have been encapsulated with a VPN packet, then you can use pre-classify to copy the TOS values to the VPN packet's TOS. NB: The copied TOS can be overwritten, but that won't change the original packet's TOS.

E.g. you have VoIP packets marked with TOS values (perhaps a DSCP EF) so QoS can give them better treatment. If the original packet's TOS isn't copied to the VPN packet's TOS, QoS could no longer tell the difference between VoIP packets and FTP packets since they are now likely to be encrypted. (Pre-Classify is the command to cause the copy.)

Re: QoS PreClassify Command

Thanks for the help guys.

Joseph - your version seemed a little clearer. I now understand when to 'apply' the command. However, in some ONT guides, they also give reason when not to apply the command to a tunnel interface or even more confusing - when to apply a service-policy command to an interface only when using QoS for VPNs.

can you shed any light on either of the later scenarios?

Thanks again


========================== A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
Super Bronze

Re: QoS PreClassify Command

I'm wondering whether part of the confusion might be where you need to apply the command for it to be actually effective.

If, however, the question is why you wouldn't want to use the command, two possible reasons come to mind. First, you know nothing actually processes the TOS later on, so using the command doesn't accomplish anything and perhaps by not using it avoids a performance hit. Second, your encapsulated packets are to be treated as a class (or part of a class) themselves, not by their original contents.

If you have any URL references that I could see, that appear unclear, I might be able to comment further.

CreatePlease to create content